git.proxmox.com Git - mirror_frr.git/commit

zebra: install EVPN gateway MAC as static/sticky

SVI interface ip/hw address is advertised by the GW VTEP (say TORC11) with
the default-GW community. And the rxing VTEP (say TORC21) installs the GW
MAC as a dynamic FDB entry. The problem with this is a rogue packet from a
server with the GW MAC as source can cause a station move resulting in
TORC21 hijacking the GW MAC address and blackholing all inter rack traffic.

Fix is to make the GW MAC "sticky" pinning it to the GW VTEP (TORC11). This
commit does it by installing the FDB entry as static if the MACIP route is
received with the default-GW community (mimics handling of
mac-mobility-with-sticky community)

Sample output with from TORC12 with TORC11 setup as gateway -
root@TORC21:~# net show evpn mac vni 1004 mac 00:00:5e:00:01:01
MAC: 00:00:5e:00:01:01
Remote VTEP: 36.0.0.11 Remote-gateway Mac
Neighbors:
    45.0.4.1
    fe80::200:5eff:fe00:101
    2001:fee1:0:4::1

root@TORC21:~# bridge fdb show |grep 00:00:5e:00:01:01|grep 1004
00:00:5e:00:01:01 dev vx-1004 vlan 1004 master bridge static
00:00:5e:00:01:01 dev vx-1004 dst 36.0.0.11 self static
root@TORC21:~#

Signed-off-by: Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
Ticket: CM-21508

author	Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
	Tue, 10 Jul 2018 00:44:44 +0000 (17:44 -0700)
committer	Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
	Tue, 10 Jul 2018 00:44:44 +0000 (17:44 -0700)
commit	51f4dab42652446075664bf22962e125d754de31
tree	7bf5bbf371ca53fee518d66cf0117201433c9b27	tree
parent	6b479dff80ba32ab687cedeb1f05c9177da2c812	commit \| diff

zebra/zebra_vxlan.c		diff \| blob \| blame \| history
zebra/zebra_vxlan_private.h		diff \| blob \| blame \| history